Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6c1e01-1595-47b0-9e03-cf7232ddebec/1/hKuVVstZ02VioTPU34B-tgb6FfI.roa
File: hKuVVstZ02VioTPU34B-tgb6FfI.roa (raw, json)
Hash identifier: 9RtTecT00lHLwMeGAYm5KnMAIC6qfKAoUYCdUXmalcY=
Subject key identifier: 84:AB:95:56:CB:59:D3:65:62:A1:33:D4:DF:80:7E:B6:06:FA:15:F2
Certificate issuer: /CN=0c57cb3a1e53e7629ee3b9f2672d4571ef85d2c8
Certificate serial: 018CC2DACF0F279016E3F9C1B97ECA1835F3
Authority key identifier: 0C:57:CB:3A:1E:53:E7:62:9E:E3:B9:F2:67:2D:45:71:EF:85:D2:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFfLOh5T52Ke47nyZy1Fce-F0sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6c1e01-1595-47b0-9e03-cf7232ddebec/1/hKuVVstZ02VioTPU34B-tgb6FfI.roa
Signing time: Mon 01 Jan 2024 02:29:28 +0000
ROA not before: Mon 01 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48137
IP address blocks: 94.126.49.0/24 maxlen: 24
94.126.50.0/24 maxlen: 24
94.126.51.0/24 maxlen: 24
94.126.48.0/24 maxlen: 24
2a02:f00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/6c1e01-1595-47b0-9e03-cf7232ddebec/1/DFfLOh5T52Ke47nyZy1Fce-F0sg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/6c1e01-1595-47b0-9e03-cf7232ddebec/1/DFfLOh5T52Ke47nyZy1Fce-F0sg.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFfLOh5T52Ke47nyZy1Fce-F0sg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 07:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cf:0f:27:90:16:e3:f9:c1:b9:7e:ca:18:35:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c57cb3a1e53e7629ee3b9f2672d4571ef85d2c8
Validity
Not Before: Jan 1 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84ab9556cb59d36562a133d4df807eb606fa15f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ac:04:16:bd:fa:4c:74:3f:55:e6:7e:11:28:
af:ad:b9:2b:01:0e:71:18:8d:5d:5b:71:d5:a1:73:
39:69:d2:d4:86:40:c9:3d:b6:48:85:e4:41:34:4c:
f1:57:61:bf:3f:30:d1:3c:ed:55:16:da:3a:a6:ab:
bb:fc:58:31:c8:c8:7a:0a:7e:e6:0c:86:5d:35:1e:
22:8e:bb:3d:3c:68:28:cf:22:65:47:a0:e8:0e:48:
0a:f0:09:c4:67:a5:0e:0d:89:02:6f:3f:8f:03:08:
4e:a3:16:69:da:52:4f:44:34:2d:dd:cf:9f:36:99:
f2:21:a5:d3:b9:43:d9:7c:ee:3e:40:1a:0f:bb:cc:
db:18:96:f2:1f:0c:88:cd:f6:b5:f8:37:2c:bb:79:
23:e5:fa:2b:c4:09:49:d6:23:24:ed:2c:ff:8d:58:
f7:ac:a5:8c:6f:04:0d:9f:f6:af:8a:28:0b:16:b2:
97:df:72:ad:6e:f9:d7:6f:b0:5c:e7:b0:8d:c8:53:
5f:1d:8a:31:42:73:ca:12:22:c5:67:6f:69:7d:24:
41:62:f1:70:24:8a:c6:a1:98:4e:eb:cd:52:10:d9:
e1:b1:c9:b3:8b:9a:a2:f7:a1:b1:ad:4e:76:ac:8b:
3b:da:30:83:cb:37:9d:06:90:e1:59:4d:04:e3:2b:
ce:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AB:95:56:CB:59:D3:65:62:A1:33:D4:DF:80:7E:B6:06:FA:15:F2
X509v3 Authority Key Identifier:
keyid:0C:57:CB:3A:1E:53:E7:62:9E:E3:B9:F2:67:2D:45:71:EF:85:D2:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFfLOh5T52Ke47nyZy1Fce-F0sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6c1e01-1595-47b0-9e03-cf7232ddebec/1/hKuVVstZ02VioTPU34B-tgb6FfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6c1e01-1595-47b0-9e03-cf7232ddebec/1/DFfLOh5T52Ke47nyZy1Fce-F0sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.48.0/22
IPv6:
2a02:f00::/48
Signature Algorithm: sha256WithRSAEncryption
72:2d:13:2a:96:2b:44:13:cc:70:1a:44:e2:4c:fe:85:56:fe:
ca:b7:8a:4a:85:7f:f6:63:bb:82:52:8f:93:a0:bd:b3:4c:0c:
0f:38:d3:37:36:69:ab:5c:82:8a:53:f9:af:27:ee:77:df:ac:
7f:29:f4:10:21:54:04:5b:3e:7c:f7:e6:94:de:07:0e:da:22:
c7:67:e8:a9:0d:5d:68:aa:40:58:d3:db:f1:7b:20:d1:55:e8:
1c:8c:c1:25:f1:d7:e4:3b:14:0f:ab:9d:3b:5e:4b:95:06:e7:
45:2c:77:ef:4f:1f:74:04:80:a0:45:f9:af:75:a4:3d:3f:19:
0b:41:bc:0f:5b:6f:2c:d7:3c:6b:45:e3:d4:87:46:ad:bd:a7:
cc:f6:b6:7e:fd:76:36:f3:ab:a1:58:00:47:f0:18:b6:d3:87:
05:da:bd:04:e9:80:d5:5a:1c:e9:3b:63:9d:f2:3f:d9:c0:ac:
2a:ca:61:ad:e2:dc:78:83:d6:5c:02:d9:c2:29:a8:69:80:78:
52:c9:0b:f7:04:4b:db:30:9f:bc:de:2a:7c:c2:ba:cc:f3:6d:
1e:b1:87:bc:50:b8:b0:3f:96:3a:2d:a8:0c:77:72:17:33:4f:
8d:26:23:29:19:07:c4:ec:89:15:d3:d0:4d:ce:9b:59:cb:b7:
5d:f6:fe:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC2s8PJ5AW4/nBuX7KGDXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTdjYjNhMWU1M2U3NjI5ZWUzYjlmMjY3MmQ0NTcxZWY4
NWQyYzgwHhcNMjQwMTAxMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGFiOTU1NmNiNTlkMzY1NjJhMTMzZDRkZjgwN2ViNjA2ZmExNWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6wEFr36THQ/VeZ+ESivrbkrAQ5x
GI1dW3HVoXM5adLUhkDJPbZIheRBNEzxV2G/PzDRPO1VFto6pqu7/FgxyMh6Cn7m
DIZdNR4ijrs9PGgozyJlR6DoDkgK8AnEZ6UODYkCbz+PAwhOoxZp2lJPRDQt3c+f
NpnyIaXTuUPZfO4+QBoPu8zbGJbyHwyIzfa1+Dcsu3kj5forxAlJ1iMk7Sz/jVj3
rKWMbwQNn/aviigLFrKX33KtbvnXb7Bc57CNyFNfHYoxQnPKEiLFZ29pfSRBYvFw
JIrGoZhO681SENnhscmzi5qi96GxrU52rIs72jCDyzedBpDhWU0E4yvO9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFISrlVbLWdNlYqEz1N+AfrYG+hXyMB8GA1UdIwQY
MBaAFAxXyzoeU+dinuO58mctRXHvhdLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZmTE9oNVQ1MktlNDdueVp5MUZjZS1GMHNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82YzFlMDEtMTU5NS00N2IwLTllMDMt
Y2Y3MjMyZGRlYmVjLzEvaEt1VlZzdFowMlZpb1RQVTM0Qi10Z2I2RmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82YzFlMDEtMTU5NS00N2IwLTllMDMtY2Y3MjMyZGRlYmVj
LzEvREZmTE9oNVQ1MktlNDdueVp5MUZjZS1GMHNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCXn4wMA8E
AgACMAkDBwAqAg8AAAAwDQYJKoZIhvcNAQELBQADggEBAHItEyqWK0QTzHAaROJM
/oVW/sq3ikqFf/Zju4JSj5OgvbNMDA840zc2aatcgopT+a8n7nffrH8p9BAhVARb
Pnz35pTeBw7aIsdn6KkNXWiqQFjT2/F7INFV6ByMwSXx1+Q7FA+rnTteS5UG50Us
d+9PH3QEgKBF+a91pD0/GQtBvA9bbyzXPGtF49SHRq29p8z2tn79djbzq6FYAEfw
GLbThwXavQTpgNVaHOk7Y53yP9nArCrKYa3i3HiD1lwC2cIpqGmAeFLJC/cES9sw
n7zeKnzCuszzbR6xh7xQuLA/ljotqAx3chczT40mIykZB8TsiRXT0E3Om1nLt132
/ts=
-----END CERTIFICATE-----
Generated at Wed May 29 14:45:37 2024 by rpki-client on console-ams.rpki-client.org